Home
HCL Workload Automation
Welcome to the HCL Workload Automation documentation, where you can find information about how to install, maintain, and use HCL Workload Automation. The documentation has been updated for HCL Workload Automation Version 10.2.2.
Planning and Installation
Installing HCL Workload Automation
Available installation methods
Post-installation configuration
The most common configuration steps to be performed after completing the installation.
Using SSL for event-driven workload automation (EDWA) behind firewalls

HCL Workload Automation
Welcome to the HCL Workload Automation documentation, where you can find information about how to install, maintain, and use HCL Workload Automation. The documentation has been updated for HCL Workload Automation Version 10.2.2.
- Planning and Installation
  - Planning
  - Installing HCL Workload Automation
    Available installation methods
    - Installing from the CLI
    - Deploying with containers
      Deploy HCL Workload Automation quickly and easily with containers.
    - Post-installation configuration
      The most common configuration steps to be performed after completing the installation.
      - Configuring a user registry
        In this topic you can find information about how to configure a user registry.
      - Open Liberty configuration
        Describes how Open Liberty configuration files are organized in HCL Workload Automation
      - Configuring the TLS 1.3 security protocol
      - Configuring Single Sign-On
        Detailed instructions for Single Sign-On configuration
      - Connection security overview
      - Using SSL for event-driven workload automation (EDWA) behind firewalls
      - Configuring your master domain manager and dynamic domain manager in SSL mode
        Configuring your master domain manager and dynamic domain manager in SSL mode
      - FAQ - Security configurations
        A list of questions and answers related to security configurations:
  - Configuring
    Configuring HCL Workload Automation components after installation.
  - Upgrading
    How to upgrade HCL Workload Automation to the current version.
  - Moving from on-premises to cloud
    A quick procedure to move your workload from an on-premises to a cloud environment
  - Troubleshooting installation, migration, and uninstallation
    An overview on troubleshooting installation, migration, and uninstallation of the HCL Workload Automation.
  - Uninstalling
    An overview on how to uninstall the product.
  - Reference
- User's Guide and Reference
- Administration Guide
- Scheduling with the Agent for z/OS
- Database Views
- High Availability Cluster Environment
- Driving HCL Workload Automation
- Extending HCL Workload Automation

Using SSL for event-driven workload automation (EDWA) behind firewalls

This feature allows a domain manager to be run as a reverse proxy for HyperText Transfer Protocol (HTTP) and Event Integration Facility (EIF) protocols, forwarding traffic to the Event Processor. An option, enabled using the optman command-line program, allows you to choose if workstations that are behind a firewall must connect to the domain manager instead of to the event processor, causing the new proxy on the domain manager to forward its traffic to the event processor.

Restriction: This configuration is not supported if the agent workstation is a dynamic agent.

The incoming traffic is rerouted as follows:

If an agent is behind a firewall, the traffic is routed to the domain manager on the agent. If an agent is not behind a firewall, the traffic is sent directly to the event processor.
If domain managers have child nodes behind a firewall, the traffic is rerouted to the event processor.
Primary domain managers always reroute traffic to the current event processor.
Lower level domain managers reroute traffic to upper level domain managers if they are behind a firewall, or to the event processor if they are not behind a firewall.

To use this feature, perform the following steps:

Enable the feature by setting the optman option to yes. The default value is no:
```
enEventDrivenWorkloadAutomationProxy | pr = {yes|no}
```
In the workstation definition in the database for the agent, set the behindfirewall attribute to ON.
Configure OpenSSL on the domain manager.

For details about setting the behindfirewall attribute, see Workstation definition.